nix-nodeiwest

Composable company Nix for NodeiWest workstations and project shells.

This repo is now structured as a shared SDK:

• modules/ holds focused Home Manager building blocks
• profiles/ bundles those modules into opinionated employee entrypoints
• shells/ exposes reusable flake dev shells for project repos
• systems/ adapts the shared modules into Darwin or standalone Linux Home Manager configs
• lib/ holds the small helpers that keep composition consistent
• templates/ bootstraps downstream user flakes

It does not define users or machines directly. Downstream flakes decide who uses which profile.

Layout

.
├── flake.nix
├── lib/
├── modules/
│   ├── base/
│   ├── dev/
│   ├── optional/
│   ├── roles/
│   ├── secrets/
│   └── services/
├── profiles/
├── shells/
├── systems/
└── templates/

Flake Interface

Primary outputs:

• homeManagerModules.base.*: low-level base modules
• homeManagerModules.dev.*: language and workflow modules
• homeManagerModules.roles.*: reusable role bundles
• homeManagerModules.profiles.*: ready-made employee profiles
• homeManagerModules.default: compatibility shim for the old default home module
• lib.mkSystem: chooses the Darwin or Linux adapter for a downstream flake
• lib.shells.*: shell factories for repo-local dev environments
• devShells.<system>.*: ready-to-use company shells
• templates.user-flake: starter personal flake

Workstation Consumption

Downstream user flakes own the actual machine definitions. They consume profiles from this repo:

{
  inputs.company.url = "git+ssh://git@git.dgren.dev/employees/company-nix.git";

  outputs = { company, ... }: {
    darwinConfigurations.eric = company.lib.mkSystem {
      target = "darwin";
      system = "aarch64-darwin";
      username = "eric";
      homeDirectory = "/Users/eric";
      modules = [
        company.homeManagerModules.profiles.frontend
      ];
    };
  };
}

For Linux Home Manager:

{
  inputs.company.url = "git+ssh://git@git.dgren.dev/employees/company-nix.git";

  outputs = { company, ... }: {
    homeConfigurations."eric@work" = company.lib.mkSystem {
      target = "linux";
      system = "x86_64-linux";
      username = "eric";
      homeDirectory = "/home/eric";
      modules = [
        company.homeManagerModules.profiles.backend
      ];
    };
  };
}

Project Shell Consumption

Project repos should keep their own flake and compose shells from this repo instead of outsourcing project ownership here.

Use the ready-made shell directly:

{
  inputs.company.url = "git+ssh://git@git.dgren.dev/employees/company-nix.git";

  outputs = { nixpkgs, company, ... }:
    let
      system = "x86_64-linux";
      pkgs = import nixpkgs { inherit system; };
    in
    {
      devShells.${system}.default = company.lib.shells.node {
        inherit pkgs;
        extraPackages = [ pkgs.ffmpeg ];
      };
    };
}

Or extend the published company shell in place:

devShells.${system}.default = pkgs.mkShell {
  inputsFrom = [ company.devShells.${system}.node ];
  packages = [ pkgs.ffmpeg ];
};

Template

Bootstrap a personal flake with:

nix flake init -t .#user-flake

That template is intentionally small. Add machine-specific modules in the personal repo, not here.